LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices


Reply
  Search this Thread
Old 05-26-2005, 07:24 PM   #1
paul_mat
Member
 
Registered: Nov 2004
Location: Townsville, Australia
Distribution: Fedora Core 5, CentOS 4, RHEL 4
Posts: 855

Rep: Reputation: 30
authenticate against AD


hi there,

hi there, i've got my REDHAT ES box setup as my mail server at the moment and when my clients login into there XP work stations they use one password and then another to check there mail.

i'm trying to make it so that they both have the same password, so i'm looking into making my REDHAT box a member of the domain via winbind.

and so far so good, i've manages to edit my smb.conf and krb5.conf file and then use the command 'net ads join -S <server name> -U <username>'
and comes back with the response.

Using short domain name -- DOMAIN NAME
Joined 'REDHAT' to realm 'REALM.NAME'

and i further test it out by saying wbinfo -g and it then gives me a list of all the groups on my AD domain.

but now the next step is to get my unix users to authenticate against my AD domain ... i've looked but i can't really find any information on it though i don't really know what to search for either, some help on either what to look for or a URL to a how to guild would be great!!!
 
Old 05-27-2005, 02:28 PM   #2
hob
Senior Member
 
Registered: Mar 2004
Location: Wales, UK
Distribution: Debian, Ubuntu
Posts: 1,075

Rep: Reputation: 45
We have been running a configuration like this for a long while. My notes are here:

http://www.mythic-beasts.com/~hobb/m...ctiveDirectory

The only thing that I'd add is that you should be sure to make the system up to date, as the first winbind builds shipped by RH had memory leaks.
 
Old 05-27-2005, 09:17 PM   #3
thekat
Member
 
Registered: Oct 2003
Location: /dev/null > Oklahoma
Distribution: Mepis 3.3.2-test 3, CC Home 3.0, OpenBSD 3.8
Posts: 64

Rep: Reputation: 15
Quote:
Originally posted by hob
We have been running a configuration like this for a long while. My notes are here:

http://www.mythic-beasts.com/~hobb/m...ctiveDirectory

The only thing that I'd add is that you should be sure to make the system up to date, as the first winbind builds shipped by RH had memory leaks.
Hob..
very nice how-to..

We have been using samba at work but never got winbind to work..
hence we created linux users to match M$ users.. (there were only about
10 users)....
We then created groups and assigned users to them..

One other thing was we had to switch from heimdal kerberos
to MIT kerberos 1.3.4 or greater.. (this is no longer an issue like it
was a year ago..)

Question ..
Using Winbind .. how do you control access to Linux shares..


tia
 
Old 05-28-2005, 04:37 AM   #4
hob
Senior Member
 
Registered: Mar 2004
Location: Wales, UK
Distribution: Debian, Ubuntu
Posts: 1,075

Rep: Reputation: 45
Quote:
One other thing was we had to switch from heimdal kerberos to MIT kerberos 1.3.4 or greater.. (this is no longer an issue like it was a year ago..)
Red Hat/Fedora includes MIT Kerberos, rather than the Heimdal implementation used by SUSE, so this would only be an issue for SUSE users, I guess.

Quote:
Using Winbind .. how do you control access to Linux shares..
Remember that Winbind is just a service that feeds the Linux authentication system (PAM) and the look-up system (NS). Once it's running you can use groups from Active Directory just as if they were local groups on the Linux system.

The Samba documentation is excellent. Perhaps start here:

http://us4.samba.org/samba/docs/man/...sControls.html
 
Old 05-28-2005, 05:34 AM   #5
bramhastra
Member
 
Registered: May 2005
Location: India
Distribution: RHEL 4.0
Posts: 136

Rep: Reputation: 15
well with those files uneed to configure nsswitch file also
 
Old 05-28-2005, 08:34 AM   #6
thekat
Member
 
Registered: Oct 2003
Location: /dev/null > Oklahoma
Distribution: Mepis 3.3.2-test 3, CC Home 3.0, OpenBSD 3.8
Posts: 64

Rep: Reputation: 15
Much thanks..
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Samba Authenticate t.augusto Ubuntu 2 11-04-2005 03:13 PM
Can't authenticate with sendmail gauge73 Linux - Networking 1 07-05-2005 10:51 PM
Cannot Authenticate Via SSH Sivel Linux - Software 10 07-03-2005 10:13 AM
Cannot authenticate into KDE??? admstng Mandriva 4 12-26-2004 04:42 AM
Authenticate from a LDAP SuperSerg Linux - Security 2 12-20-2004 11:16 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Networking

All times are GMT -5. The time now is 07:40 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration